TestFlight offers over-the-air beta distribution of iOS apps (on non-jailbroken devices). How can this be done? Is this an iOS feature, or a vulnerability exploit?
This article showed how Apples OTA implementation works and can be used outside enterprises as well: ios wireless app distribution
The complete process is documented by Apple.
Apple also published documentation and sample code for registering devices and get the UDID by using profiles, so your website can detect which device is calling.
Some additional solutions with different strenghts:
iOS Beta Builder, a Mac Application to create the website by using a build. Simply upload the resulting files to your webserver.
Diawi: Simple Web service. Upload your IPA file, optionally set a password and send a link to your testers.
AppSendr: Web service for beta build hosting, similar to Testflight, but does not include the device registration process. But provides deployment utilities to automatically upload new versions.
HockeyKit: Open source project for hosting beta versions on your own PHP5 server with additional functionalities like an client for In-App-Updates, automatic device specific web sites and handling multiple applications. Completely file and directory based.
HockeyApp: Web Service for beta build hosting, In-App-Updates, Statistics, and including device registration, invite and recruitment. Also provides server side crash report collection, symbolication (for all threads) and crash grouping for beta and app store apps (iOS + Mac). SDKs are open source, using HockeyKit, QuincyKit and PLCrashReporter (which is the only safe solution on how to do crash report collection on iOS, see this article.
Note: I am the main developer of HockeyKit and QuincyKit, and one of the developers of HockeyApp.
This was possible before TestFlight rolled out a service. The technique stemmed out of the enterprise distribution mechanism. Since 4.0 devices have supported install from web.
Remember - you still need to sign the beta distribution for a select set of UDIDs you can't just willy nilly install it on any device. All they are doing is taking the email the IPA step out of things.
See:
http://www.alexcurylo.com/blog/2010/08/27/wireless-ad-hoc-distribution/
Update: I want to say that Test Flight is one of the most helpful tools I've used when developing though. Just taking the IPA emailing out of the picture was an understatement- I was just trying to call out the technical mechanism. They do a fantastic job managing the whole beta process. Getting new devices enrolled. Notifying users etc.
Testflight basically uses the normal Ad Hoc as already stated.
For this to work, you need the UDID for every device in order to add it to the Ad Hoc profile, re-compile the app with the new profile an redistribute the new build.
You can get the UDID with the help of the OTA Authentication Request. This is actually a step that is done in MDM before the actual profile is rolled out to the device. It basically asks the device for further information about itself and send it back to a self specified server.
The first step is documented here: Apple OTA Configuration
I guess Testflight uses this right after the registration process to collect the UDID, phone name, ...
Yes this is a core feature of iOS for Enterprise Customers who wish to distribute OTA.
Presumably you would pass your UDID over to TestFlight along with the app and they use their Enterprise Licence to send the app to you. I'm sure I'm missing a lot of the technical details but if you want to know more, Apple has a video on this from WWDC 2010.
Login to developer.apple.com, go to WWDC 2010 Videos and use the link to get to the vidoes. The video you want is "Session 108 - Managing Mobile Devices". It is very informative about what is possible with OTA and the steps you have to take to do OTA provisioning.
Stock iOS devices are "vulnerable" to running the user loading Ad Hoc apps from any developer who has that device's UDID, and registers that UDID among their 100 allowed devices on Apple's developer portal.
OTA distribution is just another way to install an Ad Hoc beta test distribution from an enrolled developer.
Related
After reading numerous beta testing strategy guides for iOS I'm still confused about if it's permitted by Apple's Developer Program to distribute an app for external beta testing without getting it approved by them and using TestFlight. For example, is it allowed to create an AdHoc signed app and use a 3rd party tool (Crashlytics, HockeyApp, others) to beta distribute to external entities. External in this case meaning not within your organization. Within an organization, there are other means that can be used like Enterprise Distribution, which have no restrictions but are not allowed to be used externally. The question is: does Apple allow external beta testing for a non-Apple signed app? (non-Apple as opposed to TestFlight which would indeed sign it for external testing via iTunesConnect submission).
UPDATE: after looking into AdHoc and going to the Apple Developer page, it shows this (note the Pre-Release warning in that image) which seems to point to what I suspected - per Apple's rules, you cannot let external folks test your ad hoc app:
So if this is true, I don't see how there's any way around TestFlight for public external betas.
Yes, using Ad-Hoc distribution with external testers is perfectly fine and has been used like that by thousands of developers world wide for years.
Quoting Apple's App Distribution Guide:
Testers don’t need to be team members or iTunes Connect users to run the app, but their devices need to be registered in your developer account.
According to the current Apple Developer Program agreement (bolding of text is mine):
7.3 Distribution on Registered Devices (Ad Hoc Distribution)
Subject to the terms and conditions of this Agreement, You may also distribute Your Applications
for iOS, watchOS and tvOS to individuals within Your company, organization, educational
institution, group, or who are otherwise affiliated with You for use on a limited number of
Registered Devices (as specified on the Program web portal)
See also section 7.3 parts A and B where they clearly allow external testing via TestFlight. Based on that it seems to comfirm that external testing is only allowed via TestFlight. Internal testing can use TestFlight, Enterprise Program-signed apps or Ad Hoc.
HockeyApp do support app distribution by using an Ad Hoc profile.
You need to buy an apple dev program, then you need to create the profiles and use the profile in your projects, then you need to create a new app in your dashboard on HockeyApp(https://rink.hockeyapp.net/manage/dashboard) and integrate our SDK in your build, you could integrate the SDK by following steps in this KB:
https://support.hockeyapp.net/kb/client-integration-ios-mac-os-x-tvos/hockeyapp-for-ios
After these you need to upload the build, profile, symbols to HockeyApp.
We recommend use our interactive SDK integration wizard in HockeyApp for Mac(https://www.hockeyapp.net/releases/mac) which covers the steps of integration SDK and upload files to HockeyApp.
For more information about distribution please see here:
https://support.hockeyapp.net/kb/app-management-2/how-to-organize-development-and-production-apps-for-distribution#hockeyapp-offers-four-pre-defined-release-types
As the title states, I have been developing and testing an app for Iphone. I have got it to install to an iphone via it being plugged into the Mac. But, I would like to get the app place it on my webserver then via a website allow someone to download and install the app. I tried following various tutorials, but as shown below after archiving the app, the export and other buttons are greyed out. Have also made sure 'Generic iOS devices' selected. What could be causing this ?
You have to use Apple TestFlight or use a third party service to allow your beta to be distributed for testing. One good service is HockeyApp, which I am using currently and it is very cheap $10/month.
Without having the UDID of your client, you simply can't!
What is causing this may be that you are not enrolled in the correct Apple developer program.
A stock iOS device will only install an app from a link on a website if the app is signed by certificate from an Enterprise Developer program enrollment (or Ad Hoc provisioned). The Enterprise distribution method is only allowed to employees of the enrolled corporation.
Ad Hoc deployment to devices registered to your enrolled Developer account is also supported by stock iOS devices.
One other possibility is to put a link to your entire Xcode project on your website, with instructions on how anyone with a Mac and Xcode can build your app and then run it on on their device.
I'm developing an app that is supposed to be distributed outside Apple Store. I've read the documentation about app distribution and don't got so clear to me how can I distribute to my specific client... I know I can generate the IPA file, but it is just for testing, right?
What I really need is: get the devices from my client, install the app on those devices for him...
I don't think I need the Enterprise Developer Program, right?
Thanks!
If you are planning to distribute huge amount of users you need an enterprise account. Regular developer account has an option to add device for testing and development up to 100 device.
If you want your app to be tested on clients device first you need to add device UDID onto your developer portal and generate provisioning profile for Ad-Hoc distribution and sign your app with this profile then you can upload it to diawi and send diawi link to your client.
you may watch following tutorial:
https://www.youtube.com/watch?v=XVO0tIHmQTg
You can use TestFlight for this. Its easy to use , optional and easy to integrate its SDK and is free for your mentioned usage.
You have to add the UDID of the iPad devices in the dev certificate and upload the app to testflight.
By integrating the SDK you can use multiple other functionalities support as well, like:
Sessions
Symbolicated Crash Reports
Production Crashes
Checkpoints
Remote Logging
In-App Updates
In-App Feedback
EDIT: you will be in need of UDIDs of the iPad devices only if you are not using Enterprise developer program.
I have a system which I want to present to potential investors. It is a client / server system and the client runs on mobile devices.
The client can only be used when certain people are connected to the server via another app, so I currently don't want to upload it to the app store for public use.
When I present the system to investors I can make sure that the correct people are logged in and run the demo.
I read online and didn't find a suitable distribution mechanism. I don't want to bother my potential investors with details about finding their device ids so I don't think I can use ad-hoc distribution. I can't upload it to the app store because the service isn't available 99% of the time. Any other options"?
Thanks.
Well you options are limited, you can open a new Apple Developers Account for Enterprise distribution. But the license for these distribution does restrict the distribution to company employees only.
You can use the iOS 8 SDK and Xcode 6 to distribute your app to 25 beta tester, wihtout going thru review. And later Apple will allow you to beta test, with app review, for a 100 users.
But for now AdHoC will be your best option, and use something like HockeyApp or TestFlight for the distribution. But using AdHoc does require you to have the device UDID before hand as they need to added to the AdHoc Profile.
Best way to distribute iOS app for testing or demo is to use Testflight. It is much easier then distributing IPA file and letting anyone install it on their iOS device.
I would suggest using TestFlight as it is simple and reliable. The only thing is, you need to register with the device ID. You can send the testFlight build to your selected clients with this.
www.testflightapp.com
Make an enterprise adhoc of your application. Apple allows you to create adhoc of your applciation with 100 users allowed at max.
And then you can demo your application to 100 people.
If you "don't want to trouble the investors with finding their device ids", then test flight is your best options. Your investors just need to install test flight make there account(with really easy steps) on test flight. And accept your invite. After they are are in your team you can easily get there device id by clicking info button next to there name on screen, under people tab of website.
Check this image for detail:
I have created an application for a company that I need to deploy. The application is for internal use only so it will not be available on the App Store. Do I need a UDID for each individual on whose device the app will be installed? That would be impossible since there are 500 employees. Does anyone have a good documentation or experience on deploying the iOS iPhone application using the Enterprise Developer Program only.
With the Apple ENTERPRISE Developer Program you can NOT distribute an App in the Apple AppStore.
Its purpose is to collaborate an In-House App in your own company.
The Enterprise account does not necessarily need the UDID of your target devices. You can for instance also use a link which remotely installs the app directly on the device.
You can find more details here: https://developer.apple.com/programs/enterprise/
If you are trying to deploy applications to customers/users on a production/long term basis, you can deploy an applications outside the apple store in three ways:
manually via iTunes
directly via iTunes Configuration utility
via weblink (sent via mms, email, webbrowser etc.)
In order to distribute an application this way, the application must have a special corporate signature, and each device must have a matching corporate signature installed manually.
The best overall explanation for the process is available at this link.
If you're just testing on a handful of test devices, then you I would suggest two approaches:
a dev release to a test device follow step by step instructions here.
Or you can use a helper application to deploy a beta release: testflightapp.
You can do distribute your iOS app to only a particular set of people (in your case, your company employee), by following these procedure
Get a apple enterprise developer account
Create a distribution certificate and provisioning profile
(In-House) using your enterprise developer account
Archive the ipa file using the created certificate and
provisioning profile
While saving the ipa, click on the check mark. So, the plist file
is also created.
Host the plist and ipa file in your server
Include a download html file with a href tag with src
"itms-services://?action=download-manifest&url=https://mydomain.com/apps/MyInHouseApp.plist"
Now when you click on the link from your device the app will get downloaded.
I don't agree with the previous answer. Check this document page 26.
MDM servers can deploy both App Store apps and in-house enterprise
apps to devices over the air. Both paid and free App Store apps can
be managed by an MDM server using Volume Purchase Program (VPP)
managed distribution.
Once you have VPP and Enterprise Developer account you could be able to install apps in the app store or company owned apps into the managed devices.
Further for just deploying the in-house app you could follow this 9 step process.
If you need to deploy to many devices i suggest AirWatch. I've used it many times, it can be a bit frustrating to set up but once you have it working its very nice to have.
Testflight still requires udid and the limit is 100 for 1 year before you can reset. Enterprise deployment is best method for in house apps.